| Re: Trouble with sending e-mail from simple php script [message #176580 is a reply to message #176565] |
Tue, 10 January 2012 09:58   |
Captain Paralytic
Messages: 204
Registered: September 2010
Karma:
|
Senior Member |
|
|
On Jan 9, 5:00 pm, Tim Streater <timstrea...@greenbee.net> wrote:
> In article
> <be2f03d3-5286-4919-a07a-0f2e93c73...@o14g2000vbo.googlegroups.com>,
> Captain Paralytic <paul_laut...@yahoo.com> wrote:
>
>
>
>
>
>
>
>
>
>> On Jan 9, 2:50 pm, Tim Streater <timstrea...@greenbee.net> wrote:
>>> In article
>>> <36944289-58f2-4cc9-a12f-386aa9ad6...@y7g2000vbe.googlegroups.com>,
>>> Captain Paralytic <paul_laut...@yahoo.com> wrote:
>>>> On Jan 9, 1:40 pm, C <wrong.addres...@gmail.com> wrote:
>>>> > On Jan 9, 2:36 pm, Captain Paralytic <paul_laut...@yahoo.com> wrote:
>
>>>> > > On Jan 8, 6:57 pm, C <wrong.addres...@gmail.com> wrote:
>
>>>> > > > I added four lines for those four variables.
>>>> > > > What does this really do? I already have those values in the
>>>> > > > variables. Why do we have to do this?
>
>>>> > > You only have those values in variables if you are relying on
>>>> > > register_globals being on. The php manual has this to say on that
>>>> > > subject:
>
>>>> > > Warning
>>>> > > This feature has been DEPRECATED as of PHP 5.3.0. Relying on this
>>>> > > feature is highly discouraged.
>
>>>> > > 'nuff said?
>
>>>> > THIS MIGHT BE IT. I will try at home in the evening.
>
>>>> There is no "might" about it. Jeff's suggested lines:
>
>>>> $name = $_POST['name'];
>>>> $orgn = $_POST['orgn'] etc etc
>
>>>> are the way it is done nowadays, because register_globals no longer is.
>
>>> Doing it this way provides some security. It means that the *only* way
>>> to get that data is via the $_POST array. So that means that your script
>>> doesn't start off with values in variables, assume they're OK, and use
>>> them. The old way meant someone could just run your script and preset
>>> *any* variable, even one you didn't mean to have set by the web page. So
>>> if you forgot to initialise $delete, but instead relied on it being null
>>> by default, and your code has this:
>
>>> if ($delete==1)
>>> {
>>> delete_complete_file_system ();
>>> }
>
>>> the bad guy could easily do you some damage.
>> I think I already knew that! And sorry but your post will now be
>> archived regardless of your setting.
>
> And for reasons best known to yourself, you introduced many blank lines
> near the top of your post and failed to snip my .sig.
>
> --
> Tim
>
> "That excessive bail ought not to be required, nor excessive fines imposed,
> nor cruel and unusual punishments inflicted" -- Bill of Rights 1689
Snipping you sig would have prevented your complete message from
staying in the archive.
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]